apnscp 3.0 released

msaladna · January 22, 2019, 5:54am

apnscp v3 is finally here! This is a polished release incorporating over 450+ changes since beta that launched in September. Among these changes are several notable additions:

rspamd + SRS support. SRS reforms a forwarded email’s envelope to match the forwarding server. Fixes DKIM/SPF problems with forwarded messages
Virus scan support in Web > Web Apps when clamav_enabled is set
upcp supports running components, e.g. upcp -b mail/rspamd
mod_evasive configuration scope, cpcmd config_get apache.evasive
Auto-learn feature by dragging mail in/out of Spam folder
Argos supports several new backends, including Slack
Bootstrapper override support (/root/apnscp-vars-runtime.yml), cpcmd config_get apnscp.bootstrapper
Sticky workers - apnscpd will reuse a hot session if possible to eliminate reinitialization overhead

With 3.0 out the door, it’s time to address feature requests that will be implemented in 3.1. This includes support for ownCloud, TimescaleDB metrics, PHP-FPM (when apache,jail=1 is configured for a site), Dovecot/Postfix SNI via haproxy, and block storage attachment. These will be incrementally rolled out as part of the master branch, so if you’d like to continue to receive technology as it’s released, set your update policy to “edge”:

cpcmd config_set apnscp.update-policy edge

v3 release notes

amar · February 4, 2019, 10:43pm

Congrats. Will try it now.

alexjpanagis · February 18, 2019, 8:54am

Is Apache the only configuration supported or could we configure WordPress and other sites to run on Nginx?

msaladna · February 18, 2019, 2:19pm

apnscp is Apache-only. There would be significant retooling involved to support tiered subdomain maps, of which I’m not aware of Nginx providing a similar facility. Moreover mod_evasive is an Apache module that sieves brute-force to fail2ban via bean counter. It’s possible to learn Nginx’s API in detail to do it, but…

An application’s chokepoint won’t be Apache or Nginx but rather the architecture itself. I benchmarked 10,000 static requests on Nginx and Apache, ab -n 10000 -c 20 and Nginx is faster by 3 ms. When a site takes 1500 milliseconds to load, that’s 0.2% of the total processing time.

It’s the wrong component to optimize for when doing so would violate some of the core features of apnscp’s HTTP stack.

Nginx

Requests per second:    6129.89 [#/sec] (mean)
Time per request:       3.263 [ms] (mean)
Time per request:       0.163 [ms] (mean, across all concurrent requests)
Transfer rate:          23549.80 [Kbytes/sec] received

Apache

Total transferred:      41140000 bytes
HTML transferred:       37000000 bytes
Requests per second:    3100.00 [#/sec] (mean)
Time per request:       6.452 [ms] (mean)

kaz050457 · March 11, 2019, 4:59am

Add section on next release where we can start stop restart the services(mail,dns,etc) used by apnc panel… thanks

msaladna · March 11, 2019, 5:17am

All of these should be driven by configuration knobs, not decisions. If you want monitoring, look into Argos, which is bundled with apnscp and will inform you, through your chosen channel, when a service flaps. You should never need to interact with a start/stop/restart toggle unless the system is broken. If the system is broken, then I’d love to know because I missed something!

cpcmd config_get apnscp.bootstrapper and cross referencing Bootstrapper are your best heuristics for now. You’re hosting websites, not building servers - I’ll take care of that part. You work on your sites

kaz050457 · March 11, 2019, 5:59am

Just want to disable the mail and anti spam to save resources…

msaladna · March 11, 2019, 6:21am

That’s easy!

upcp
cpcmd config_set mail_enabled false
cpcmd config_set anyversion_enabled false
upcp -sb

Any-version disablement is part of v3.0.23 if you’re not there yet.